Two paired Claude skills · 90+ recon modules · 48 secret-regex patterns · 80+ dorks · 9 read-only credential validators · 27 attack-path templates · 5,500+ lines of structured tradecraft. Drop-in S…

Collection of Facebook Bug Bounty Writeups

Agent skills for Obsidian. Teach your agent to use Obsidian CLI and open formats including Markdown, Bases, JSON Canvas.

Disposable webmail server (similar to Mailinator) with built in SMTP, POP3, RESTful servers; no DB required.

MCP server + REST API para validacao de CPFs e consulta ao TRT3 com solver de CAPTCHA CRNN

Burp Suite extension that adds built-in MCP tooling, AI-assisted analysis, privacy controls, passive and active scanning and more

Open-source mobile security testing suite for iOS and Android. Previously Passionfruit

An agent-managed museum exhibit, built in Rust with Gajae-Code / LazyCodex — developed and maintained with no human intervention.

An MCP server to let AI agents control Intruder

AndroHunter

Lightweight S3 misconfiguration and takeover detection tool

A list of established remote companies

Android deeplink misconfiguration detector and exploitation tool

WebSocket Penetration Testing Toolkit for Burp Suite

A Model Context Protocol (MCP) server for querying the CVE-Search API

JSON Web Token Hack Toolkit

Agentic Pentesting MCP server that discovers, exploits, and reports web application vulnerabilities.

Persistent Context Across Sessions for Every Agent – Captures everything your agent does during sessions, compresses it with AI, and injects relevant context back into future sessions. Works with C…

A Burp Suite extension for GraphQL security testing.

AI-Powered Dark Web OSINT Tool

Cloudflare Turnstile 绕过工具 | Cloudflare Bypass Tool based on SeleniumBase UC Mode | 支持 Mac/Windows/Linux

Auto Frida is a powerful, all-in-one automation toolkit that handles everything from Frida installation to script injection. Zero manual setup required – just connect your device and start testing.

Python-based static analyzer for Android APKs that extracts attack surface and flags high-risk vulnerability patterns with lightweight taint heuristics.

A tool for automating interactions with Android devices - including ADB, AndroGuard, and Frida interactivity.

A tool for analysing Android APKs and extracting root, integrity, and tamper detection checks.

A comprehensive penetration testing operations dashboard for managing projects, tasks, findings, clients, and assets. Built with Next.js, Express, and MongoDB.

An advanced Frida-based instrumentation suite designed for Android App VAPT and security auditing.

A fast and efficient subdomain hijacking scanner that checks for takeover vulnerabilities by matching HTTP response bodies against predefined service fingerprints.

Shannon is an autonomous, white-box AI pentester for web applications and APIs. It analyzes your source code, identifies attack vectors, and executes real exploits to prove vulnerabilities before t…